smartor代码库
blame | 历史 | 补丁 | 提交 | 提交对比 | 忽略空白
陈昶聿
4 天以前 a2f275c727fafc8d5f5f5908638f9a6ace0bd425 
 ruoyi-admin/src/main/java/com/ruoyi/web/controller/sso/SSOController.java


@@ -25,6 +25,7 @@


import org.springframework.web.bind.annotation.RestController;


import org.springframework.web.client.RestTemplate;


import org.springframework.web.servlet.view.RedirectView;


import org.springframework.web.util.UriComponentsBuilder;




import javax.servlet.http.HttpServletRequest;


import javax.servlet.http.HttpServletResponse;


@@ -100,8 +101,33 @@


     * SSO登录入口 - 信通院会调用这个地址


     * 访问路径:http://域名:8095/sso/login


     */


    @GetMapping("ssoLogin")


    public RedirectView ssoLogin() {


    @GetMapping("")


    public void ssoLogin() {


        log.info("收到SSO登录请求,开始重定向到授权服务器");




        // Authorize鉴权接口


        String param = "client_id=" + clientId + "&redirect_uri=" + internalRedirectUri + "&response_type=code" + "&state=" + state + "&scope=" + scope;


        log.info("【Authorize鉴权接口】入参为:{}", param);


        String s = HttpUtils.sendGet(internalAuthorizeUrl, param);


        Map<String, String> result = getResult(s);


        String code = result.get("code");


        try {


            SSOTokenResponse accessToken = getAccessToken(code, true);


            SSOUserInfo userInfo = getUserInfo(accessToken.getAccess_token(), true);




            createLocalSession(userInfo);




        } catch (Exception e) {


            e.printStackTrace();


        }


    }




    /**


     * SSO登录入口 - 信通院会调用这个地址


     * 访问路径:http://域名:8095/sso/ssoLoginLyra


     */


    @GetMapping("ssoLoginLyra")


    public RedirectView ssoLoginLyra() {


        log.info("收到SSO登录请求,开始重定向到授权服务器");


        String id = clientId;


        String redirectUri = internalRedirectUri;


@@ -120,25 +146,42 @@


        String s = HttpUtils.sendGet(url, param);


        Map<String, String> result = getResult(s);


        String code = result.get("code");


        if (StringUtils.isEmpty(code)) {


            log.error("未获取到授权码");


            throw new BaseException("SSO授权失败");


        }




        String path = sysConfigService.selectConfigByKey("sys.qddz");


        try {


            SSOTokenResponse accessToken = getAccessToken(code, true);


            SSOUserInfo userInfo = getUserInfo(accessToken.getAccess_token(), true);


            SSOTokenResponse accessToken = getAccessTokenLyra(code, true);


            SSOUserInfo userInfo = getUserInfoLyra(accessToken.getAccess_token(), true);




            createLocalSession(userInfo);




            String path = sysConfigService.selectConfigByKey("sys.qddz");


            if (StringUtils.isEmpty(path)) {


                throw new BaseException("请配置前端地址");


            }


            String reviewUrl = path + "/loginSSO?token=" + accessToken.getAccess_token() + "&orgid=" +


                    userInfo.getZuZhiJGID() + "&orgname=" + userInfo.getZuZhiJGMC() +


                    "&ZuHuID="+ userInfo.getYongHuID() +"&deptCode=null";


//            String reviewUrl = path + "/loginSSO?token=" + accessToken.getAccess_token() + "&orgid=" +


//                    userInfo.getZuZhiJGID() + "&orgname=" + userInfo.getZuZhiJGMC() +


//                    "&ZuHuID="+ userInfo.getYongHuID() +"&deptCode=null";


            String reviewUrl = "";


            reviewUrl = UriComponentsBuilder.fromHttpUrl(path)


                    .path("/loginSSO")


                    .queryParam("token", accessToken.getAccess_token())


                    .queryParam("orgid", userInfo.getZuZhiJGID())


                    .queryParam("orgname", userInfo.getZuZhiJGMC())


                    .queryParam("ZuHuID", userInfo.getYongHuID())


                    .queryParam("deptCode", "null")


                    .build()


                    .toUriString();




            log.info("单点登陆重定向地址为:{}", reviewUrl);


            redirectView.setUrl(reviewUrl);


            redirectView.setStatusCode(HttpStatus.MOVED_PERMANENTLY);


            redirectView.setStatusCode(HttpStatus.FOUND);


        } catch (Exception e) {


            e.printStackTrace();


            return new RedirectView();


            log.error("SSO登录失败", e);


            redirectView.setUrl(path + "/login?error=sso_failed");


            return redirectView;




        }




        return redirectView;


@@ -168,6 +211,65 @@


     * 获取访问令牌


     */


    private SSOTokenResponse getAccessToken(String code, boolean isInternal) throws Exception {


        HttpHeaders headers = new HttpHeaders();


        headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);




        MultiValueMap<String, String> params = new LinkedMultiValueMap<>();


        params.add("client_id", clientId);


        params.add("client_secret", clientSecret);


        params.add("code", code);


        params.add("grant_type", "authorization_code");


        params.add("redirect_uri", getRedirectUri(isInternal));




        HttpEntity<MultiValueMap<String, String>> request = new HttpEntity<>(params, headers);




        ResponseEntity<String> response = restTemplate.exchange(getTokenUrl(isInternal), HttpMethod.POST, request, String.class);




        log.info("Token响应: {}", response.getBody());




        if (response.getBody() == null || response.getBody().trim().isEmpty()) {


            throw new RuntimeException("Token响应为空");


        }




        SSOTokenResponse tokenResponse = JSON.parseObject(response.getBody(), SSOTokenResponse.class);




        if (tokenResponse == null || StringUtils.isEmpty(tokenResponse.getAccess_token())) {


            throw new RuntimeException("获取access_token失败");


        }




        return tokenResponse;


    }




    /**


     * 获取用户信息


     */


    private SSOUserInfo getUserInfo(String accessToken, boolean isInternal) throws Exception {


        HttpHeaders headers = new HttpHeaders();


        headers.set("Authorization", "Bearer " + accessToken);




        HttpEntity<String> entity = new HttpEntity<>(headers);




        ResponseEntity<String> response = restTemplate.exchange(getUserinfoUrl(isInternal), HttpMethod.GET, entity, String.class);




        log.info("用户信息响应: {}", response.getBody());




        if (response.getBody() == null || response.getBody().trim().isEmpty()) {


            throw new RuntimeException("用户信息响应为空");


        }




        SSOUserInfo userInfo = JSON.parseObject(response.getBody(), SSOUserInfo.class);




        if (userInfo == null || StringUtils.isEmpty(userInfo.getName())) {


            throw new RuntimeException("获取用户信息失败或用户名为空");


        }




        return userInfo;


    }




    /**


     * 获取访问令牌


     */


    private SSOTokenResponse getAccessTokenLyra(String code, boolean isInternal) throws Exception {


        HttpHeaders headers = new HttpHeaders();


        headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);




@@ -207,7 +309,7 @@


    /**


     * 获取用户信息


     */


    private SSOUserInfo getUserInfo(String accessToken, boolean isInternal) throws Exception {


    private SSOUserInfo getUserInfoLyra(String accessToken, boolean isInternal) throws Exception {


        HttpHeaders headers = new HttpHeaders();


        headers.set("Authorization", "Bearer " + accessToken);